DataTrack

What DataTrack Is?

As far as you are here you possibly heard about data losses and how it affected business. We have to work on a Data Losses Prevention project in the beginning of DLP era and made a successful product line. We think DLP systems are significant part of information security of companies. Market analysts say that mass implementation of DLP in 2008 – 2010 reduced year-by-year dynamic of losses caused by internal threats happened. But time changed.

Quotation

“IT has spent years working on desktop security and trying to prevent data loss over web and email channels—but mobile devices are radically changing the game. Tablets and iOS devices are replacing corporate laptops as employees bring-their-own-devices to work and access corporate information. These devices open the door to unprecedented loss of sensitive data. IT needs to be concerned about the data that mobile devices access and not the device itself.” - Fiaaz Walji, Websense Canada Sr. Director

DLP as it designed does not work. It was presumed that data would be processed in trusted ambient of corporate network and you just need to keep an eye on data transfer in and out of the ambient. But corporate networks expanded with cloud services. People bring their own devices to work and continue to use them on private mater. DLP cannot resist this treats.

Zecurion Analytics named the most widespread way of data losses in 2013. It is corporate web-services – 24,5% and laptops-tablets (together) – 16,3%”
You can say: – ‘There are Mobile Device Management systems (aka MDM systems)’. Yes, there are but… they just manage mobile devices involved in information exchange and does not have tools for deep content inspection as DLP systems. So it seems MDM would not solve the problem too.

We tried to work out a new approach to data losses prevention. We presume that trusted ambient does not exist and in order to keep data safe we need to create trusted ambient dynamically depending on how information processed and what content is processed. We named this features as Adaptivity and the system class – Adaptive DLP.

What the Adaptive DLP is?

It is similar to traditional DLP in deep content inspection technologies as ‘digital fingerprints’, morphology analysis and regular expressions detection. It is similar in sensitive data detection approach: ‘data-in-motion’, ‘data-at-work’ and ‘data-at-rest’. Unlike traditional DLP the new Adaptive solution has MDM components and trusted virtual ambient components.

The new system is similar to traditional MDM solution in features of deployment, management, monitor and support of mobile devices. Unlike traditional MDM systems Adaptive DLP system monitors data transferred between mobile user and corporate service and its security policies based on information content categories. This particular feature provides maximum mobility and usability for users and keeps sensitive information safe at the same time.

Trusted virtual ambient components (we named them as ‘virtual containers’) allows to create trusted ambient on an arbitrary[i] infrastructure such as computer in hotel lobby or in internet café. User can carry a flashcard with sensitive data in ‘virtual container’ and use it as safe storage and trusted ambient engine at the same time. We could not find any analogs to compare this technology so we appreciate you point at something similar.